[lxc-devel] [PATCH] fix free() of args to startl

[Stéphane Graber]

On Tue, Oct 29, 2013 at 02:38:00PM -0400, Dwight Engen wrote:
> Coverity 1076328 marked this as "Use after free", which it isn't really,
> its actually just free()ing the wrong 2nd, 3rd, etc... pointers. Test by
> passing two or more args to startl, without this change you get segfault
> when free()ing the second pointer/arg.
> 
> Signed-off-by: Dwight Engen <dwight.engen at oracle.com>

Confirmed the crash here with two lines of python :)

Acked-by: Stéphane Graber <stgraber at ubuntu.com>

> ---
>  src/lxc/lxccontainer.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
> index f2f7240..9d537a6 100644
> --- a/src/lxc/lxccontainer.c
> +++ b/src/lxc/lxccontainer.c
> @@ -641,9 +641,9 @@ static bool lxcapi_startl(struct lxc_container *c, int useinit, ...)
>  
>  out:
>  	if (inargs) {
> -		char *arg;
> -		for (arg = *inargs; arg; arg++)
> -			free(arg);
> +		char **arg;
> +		for (arg = inargs; *arg; arg++)
> +			free(*arg);
>  		free(inargs);
>  	}
>  
> -- 
> 1.8.3.1
> 
> 
> ------------------------------------------------------------------------------
> Android is increasing in popularity, but the open development platform that
> developers love is also attractive to malware creators. Download this white
> paper to learn more about secure code signing practices that can help keep
> Android apps secure.
> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20131029/151e6835/attachment.pgp>